New vulnerabilities found in RSA 1024 and 2048 bit keys.

New vulnerabilities found in RSA 1024 and 2048 bit keys.

Estimated cost of cracking based on access to the Public key only:
1024 bit: $40
2048 bit: $20.000

#security

Time to move away from primes and onto elliptical curves?

https://crocs.fi.muni.cz/public/papers/rsa_ccs17

https://crocs.fi.muni.cz/public/papers/rsa_ccs17

4 thoughts on “New vulnerabilities found in RSA 1024 and 2048 bit keys.

  1. RSA keeps on losing to DH. At least with DH one blends the keys from both sides together and even when talking to losing devices one still has the strength of the local key to protect oneself. This is the same property that gives you PFS (perfect forward security). Disclosure of the remote key buys one little. This problem with RSA has surfaced before when IOT devices chose the same RSA key pairs due to a poor random number generator. Now we have a different bug causing a small and predictable set of RSA keys to be chosen. Time to move away from RSA.

    Like

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.